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f Class public ClientClassA { 

Method A { 
try{ 

ServerClassM.M( ); // Might throw an authorization exception. 

// Try block successfully executes when 
// invoked by entity with proper authority, 
402 — < II such as BankManager 

' } 

catch (Auth Exception e) 

{ 

// Codepath not reached for BankManager role 

} 

} 

L } 

f Class public ClientClassB { 



Method B { 
try{ 



404 



} 



ServerClassM.M( ); // Might throw an authorization exception. 

// Try block fails to execute when invoked 
// by entity with improper authorization, 
// such as BankTeller 

} 

catch (Auth Exception e) 

{ 
} 



// Codepath reached for BankTeller role 



(* Class public ServerClassM { 



408 Method M ( ) enforces ManagerAuthorization.AuthMethod 

} 

I Class public Manager Authorization { 

406 -< 

Method Auth Method ( ) throws Auth Exception { 

// Body of AuthMethod containing authorization process 

} 

l> 



Figure 4A 
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f Class public ClientClassA { 



Method A { 
try{ 

ServerClassM.M( ); // Might throw an authorization exception. 

// Try block successfully executes when 
// invoked by entity with proper authority, 
// such as BankManager role 

catch (Auth Exception e) 
{ 

// Codepath not reached for BankManager role 

} 

} 

I } 

C Class public ClientClassB { 



Method B { 
try{ 

ServerClassM.M( ); // Might throw an authorization exception. 

// Try block fails to execute when invoked 
// by entity with improper authorization, 
// such as BankTeller role 

} 

catch (Auth Exception e) 
{ 

// Codepath reached for BankTeller role 

} 

} 

L } 

f Class public ServerClassM enforces ManagerAuthorization.AuthMethod { 412 



410 



Method M ( ) { 
} 

} 

Class public Manager Authorization { 

Method AuthMethod ( ) throws AuthException { 
} 

^ } 



Figure 4B 
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dec -> classdec 

classdec -» class classjd extends classjd { { classjield } } 
602 — classdec -» class class_id extends classjd enforces authMethod { { classjield } } 

classjield -> vardec 
classjield method 

608 — method -» method id(tyfields) enforces authMethod 



604 



method -» method id(tyfields) = exp 
authMethod —> method id(tyfields) = exp 



606 — 



method -» method id(tyfields):type_id = exp 
authMethod -> method id(tyfields):type_id = exp 



exp — > new class_id 

exp lvalue id( ) 

exp -» lvalue id( exp {, exp} ) 
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802 class CC extends Object { 

method A ( ) = { SC:M( ) } 

} 



804 



class SC extends Object enforces ACLCIass:R { 

method M ( ) = { body of M } 
method F ( ) = { body of F } 



806 



class SC extends Object { 



} 



method M ( ) enforces ACLCIass:R = { body of M } 
method F ( ) = { body of F } 



808 class SCSC extends SC { 

method M ( ) = { body of M } 



} 
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